Authentication Trust Level Network Architecture

International Journal of P2P Network Trends and Technology (IJPTT)
© 2012 by IJPTT Journal
Volume-2 Issue-6
Year of Publication: 2012
Authors: Akash K Singh


Akash K Singh. "Authentication Trust Level Network Architecture". International Journal of P2P Network Trends and Technology (IJPTT), V2(6):29-59, Nov - Dec 2012, ISSN:2249-2615, Published by Seventh Sense Research Group.


Service-oriented Architectures (SOA) facilitate the dynamic and seamless integration of services offered by different service providers, which may additionally be located in different trust domains. Especially for business integration scenarios, Federated Identity Management emerged as a way to propagate identity information as security assertions across company borders in order to secure the interaction between different services. Although this approach guarantees scalability regarding the integration of identity-based services, it exposes a service provider to new security risks. These security risks result from the complex trust relationships within a federation. In a federation, the authentication of a user is not necessarily performed within the service provider's domain, but can be performed in the user's local domain. Consequently, the service provider has to rely on authentication results received from a federation partner to enforce access control. This implies that the quality of the authentication process is outside the service provider's control and therefore becomes a factor which needs to be considered in the access control step. In order to guarantee a designated level of security, the quality of the authentication process should be part of the access control decision. To ease this process, we propose in this paper a method to rate authentication information by a level of trust which describes the strength of an authentication method. Additionally, in order to support the concept of two-factor authentication, we also present a mathematical model to calculate the trust level when combining two authentication methods.

Quantitative Trust Management (QTM) provides a dynamic interpretation of authorization policies for access control decisions based upon the evolving reputations of the entities involved. QuanTM, a QTM system, selectively combines elements from trust management and reputation management to create a novel method for policy evaluation. Trust management, while effective in managing access with delegated credentials (as in PolicyMaker and KeyNote), needs greater flexibility in handling situations of partial trust. Reputation management provides a means to quantify trust, but lacks delegation and policy enforcement. This paper reports on QuanTM's design decisions and novel policy evaluation procedure. A representation of quantified trust relationships, the trust dependency graph, and a sample QuanTM application specific to the KeyNote trust management language are also proposed.




Trust management, Trust levels, Authentication and Access Control, Web Service Federation, Federated Identity Management